Tag: app

Apple’s first Andriod App is terrible

ANDROIDFruity cargo cult Apple’s attempts to score conversions from the Android community has failed specularly.

Yesterday, Jobs’ Mob released an app, which was supposed to encourage android users to migrate to its operating system and then junk their android phones as “worthless.”

The app was release to a great fanfare by the Tame Apple Press who predicted that the app was all Android fans needed to junk their cheaper and more functional smartphones for something that was more expensive and did less.

However those who did up load it were less than impressed with Apple’s android coding skills. Those who downloaded it have flooded the app with one-star reviews. However, it seems the Apple community has responded and has started sending five star reviews into the Android system. They have managed to claw up the average to 1.8 stars.

However since more than 79 per cent of users were happy to share their miserable experience, the five stars are in a minority.

There is no doubt that some of the one star reviews are penned by those who hate Apple, just like the five star reviews are written by those who have never owned an Android. But a big chunk of the one stars are written by those who have installed the app and found that it had poor functionality. Apparently Apple refused to follow the Android design patterns which made it hard to work.

Facebook fires intern for Harry Potter app

3435070330_1ba48d35feSocial notworking site Facebook was furious after a Harvard intern wrote an app which exposed a privacy flaw in its operation.

Aran Khanna’s app – called Marauder’s Map in tribute to the Harry Potter books – showed that users of Facebook Messenger could pinpoint the exact locations of people they were talking to.

Khanna created the app to show the consequences of unintentionally sharing data and thought he was doing a public service. More than 85,000 people downloaded it.

Days later, Facebook asked Khanna to disable it and a week after it released a Messenger app update addressing the flaw.

Facebook spokesman Matt Steinfeld said the company had been working on a Messenger update months before it became aware of Khanna’s app.

Two hours before he was supposed to leave to start his internship, Khanna received a call from a Facebook employee telling him that the company was rescinding the offer because he had violated the Facebook user agreement when he scraped the site for data.

Khanna wrote about the experience in a case study published Tuesday for the Harvard Journal of Technology Science. He spent the summer interning at a Silicon Valley startup and said the back-and-forth with Facebook ended up being a learning experience as well.

Tame Apple Press knives Microsoft’s Windows 10 plan

windows-10-start-menu-customised-live-tilesMicrosoft’s push into mobile might be stalled by the lack of apps as developers are only interested in writing for Android and iOS, at least that is if you really believe  the Tame Apple Press.

Microsoft put the fear of god into Google and Apple by making its new version of Windows accept tweaked Apple and Android apps. But Apple’s favourite news agency, Reuters claims that will not work because Apple is great and has all the developers while Microsoft smells of Nintendo.

The posting reads like a classic Tame Apple Press hatchet job on a potential Apple rival, the only difference is that it does mention Android every time it mentions Jobs’ Mob.

Reuters talked to “a dozen” of “unnamed developers” and found few were going to convert their apps to Microsoft’s new Windows 10.  Four, who already had windows apps said they would do so eventually but “eight said that they were not developing apps for Windows 10 at all”.

Buried at the bottom of the story is a line which confirms why this might be the case. Microsoft hasn’t actually unveiled its new set of tools to turn apps into a Windows format, and so developers don’t know if it is going to be easy or not.

That’s King.com, which ported its popular Candy Crush Saga game from iOS to Windows 10 “with very few code modifications” and will be installed automatically with upgrades to Windows 10.

A Microsoft spokesman said that “it is still early” and many software companies want to explore the tools over the coming months.

Also buried at the bottom of the story was a comment from Jason Thane, general manager at General UI, a mobile app developer based in Seattle who said that if Microsoft has a way for his customers to cheaply and easily upgrade Android and iOS apps for Windows 10 they will have a lot of people wanting to do it.

The rest of the story was all historical about how Microsoft has failed to interest developers in the past. The format of the story is identical to a format peddled in the early days of Android, when the Tame Apple Press would say that there was not enough Android Apps out there to compete with Apple.

Given what Microsoft is proposing, as the response from the Tame Apple Press, there is a fear that Microsoft might be on the right track and will take control of Apple and Android’s app store cache practically overnight.

Android apps let down Google's security

Android applications which have not been properly tested are opening the operating system up to malware, insecurity experts have found.

Researchers from Germany’s Leibniz University of Hannover and Philipps University of Marburg, found more than 41 applications in Google’s Play Market leak sensitive data as it travelled between handsets running the Ice Cream Sandwich version of Android and webservers for banks and other online services.

If you connect the devices to a local area network that used a variety of well-known exploits, some of them available online, it was a doddle to defeat the secure sockets layer and transport layer security protocols implemented by the apps.

The apps are popular and have been downloaded from 39.5 million and 185 million times, so there are a lot of insecure Android phones out there.

The researchers said that they could gather bank account information, payment credentials for PayPal, American Express and others.

Facebook, email and cloud storage credentials and messages were leaked, access to IP cameras was gained and control channels for apps and remote servers could be subverted, they said.

The researchers say that the problems underscore the fragility of the SSL and TLS protocols, which together form the basis for virtually all encryption between websites and users, Ars Technica reports.

The technology itself is fairly secure, but its protection can be undermined when certificate authorities don’t secure their infrastructure.

The researchers downloaded 13,500 free apps from Google Play and checked whether the SSL implementations of the apps were potentially vulnerable to “man-in-the-middle” exploits.

The results identified 1,074 apps, or eight percent of the sample, that contained SSL specific code that either accepts all certificates or all hostnames for a certificate and thus are potentially vulnerable to MITM attacks.

From the list of the 1,074 potentially vulnerable apps, the researchers picked 100 of them to crack and from that list 41 of them were vulnerable.

One thing that does surprise objective viewers that that the researchers didn’t run a comparison with Apple apps.  

The researchers did say that the openness of the Google platform made it easier to perform static analysis and zero in on the apps with SSL implementations that exposed sensitive user data. In other words, it was easier to test which apps were vulnerable using a system they invented. Apple software could also be vulnerable, but it’s harder to come up with an accurate test for it.

However, the vulnerability to apps is possibly universal for smartphones generally and companies would have to be insane to allow DIY policies on that basis. 

Wanna buy a gun wielding robot?

Japanese researchers have built a $1.2 million gun-wielding robot that can be controlled from your smartphone.

Dubbed the KR01 Kuratas Battle Mech, or Kuratas, the Robocop was unveiled by Suidobashi Heavy Industry in Tokyo.

According to APthe diesel-powered machine is four metres tall and weighs a humble 4.5 tonnes. It can move on four wheels and manage 10 km/h with the wind behind it and if it is going downhill.

Its weapon of choice is a Gatling gun capable of firing 100 rounds a second of ball bearings. It is activated via facial tracking technology when the trigger happy pilot smiles.

The “pilot” controls it from their smartphone or tablet and it is connected to a 3G network.

The pilot can sit in the cockpit where motion sensor technology allows the pilot to move the torso, arms and hands via 30 hydraulic joints.

Needless to say the robot is bullet proof. It is a bot like the Mitsubishi MK-6 Amplified Mobility Platform in James Cameron’s flick Avatar.

It can be programmed to perform such duties as firefighting and cleaning.

According to the company it comes in 16 different colours, and will be made to order, including a $90 optional cupholder in the cockpit. 

Apple losing battle with hacker

While the fruity cargo cult Apple advertises that its systems are totally secure, it is fighting a losing a battle with a Russian hacker who appears to be having a laugh.

Alexey Borodin published a video on YouTube showing users how they could avoid paying for in-app purchases without even having to gain root access to the system.

The method is actually simple. All you need to do is install two security certificates and change the DNS settings on their device.

Borodin claimed that more than 30,000 illegal in-app purchases have taken place since he told the world+dog about the hack.

The Russian seems to have a beef with the business model which offers you free software but insists you pay out for new features.

So far Apple has done nothing to fix the hack. Its efforts have concentrated on trying to censor the the instructional video.

As you might guess this was pretty silly as Borodin’s fans simply replaced it. Since the hack works by placing Borodin’s server in between the device and Apple, Jobs’ Mob blocked the IP address of the server used by Borodin to implement the hack, and convinced the host in Russia to shut down his service. It worked with PayPal to prevent him from receiving donations.

Borodin’s answer to that was to move the server to a new location and he now accepts donations using the anonymous Bitcoin service.

He has also tightened up the exploit to avoid interacting with the App Store, making it even harder for Apple to shut down.

His only problem is that the exploit has been so popular he can’t afford to pay for the bandwidth required to keep the exploit running much longer.

Another factor has entered the battle. Apple is rubbish at releasing updates to its software fast enough. While Microsoft could have been expected to release a patch for this sort of thing within days, Jobs’ Mob is still twiddling its thumbs. The Sydney Morning Herald points out that Apple recently released iOS 6 beta 3 to developers, but the patch didn’t block Borodin’s exploit.

So at the moment it is up to developers, who are seeing their profits going down the gurgler, to try and put people off the hack. At the moment that appears to be just warning about the perils of using a third-party DNS server.

The argument being that Borodin does not appear to be the most moral of people because he is ruining Apple’s day so therefore he must be nicking banking details and private data.

But Borodin claims in his “terms of service” document that he collects no data and users do not have to enter their Apple ID and password to use the exploit.

The exploit does not work with all apps, and developers can get around the exploit by releasing new versions of their apps that use their own web servers, not Apple, to validate receipts. The developers don’t like this idea because it increases costs. 

Yahoo kills mobile news bid

Troubled search engine outfit Yahoo has killed off a successful mobile news app six months after it was supposed to be the great white hope. .

Yahoo has decided to call it quits on one of the biggest bits of their mobile package a personalised magazine app for iPad, called Livestand.

Yahoo’s Livestand Team wrote on the company bog that it had decided to discontinue or consolidate a number of products across Yahoo!’s technology platforms over the course of 2012.

Apparently this platform consolidation lets it put many Yahoo! properties onto common key platforms and technologies to “make everything more scalable and nimble”.

So, it is not so much a discontinued product but a “focus on new opportunities”

Livestand was a little odd to kill off. It had a four star rating among Apple fanboys.

But Yahoo said that it had previously committed itself to shelf what’s not working and has already killed 10 different mobile applications for iPhone, iPad, Android, and BlackBerry devices.

The blog said Yahoo had learned a lot from Livestand and are actively applying those insights toward the development of future products that are better aligned with Yahoo!’s “holistic mobile” strategy.

We are not sure what a holistic mobile strategy is. We think it involves taking poison in microscopic doses. Yahoo has been chugging poison faster than a Jim Jones devotee with a desire to impress the boss.

Yahoo has not killed some of the applications annnounced back on Nov. 2, such as IntoNow, Yahoo’s social TV app for the iPad, or the new mobile platform called Cocktails. 

Top six computer outfits sign anti-spy accord

Six computer consumer computer companies have agreed to tell people whether they are snooping on you before you download applications.

The agreement forces Amazon, Apple, Google, Microsoft, RIM, and Hewlett-Packard to explain how they use private data before an app may be downloaded.

According to Reuters, the deal has been brokered by California’s Attorney General Kamala Harris  who appears to have twisted their arms until they agreed to common standards.

Harris said that users should not have to sacrifice personal privacy to use mobile apps.

More than two thirds of most downloaded apps do not have privacy notices, said Harris. Some downloaded apps also upload peoples’ contact book.

Google said in a statement that under the California agreement, Android users will have “even more ways to make informed decisions when it comes to their privacy.”

Apple confirmed it has signed up but did not give any details. Jobs’ Mob has been in a bit of hot water lately after it was discovered that an approved Apple add was more likely to steal data than one that had not.

The Attorney General has said that the State will sue under California’s unfair competition and false advertising laws if developers continue to publish apps without privacy notices. 

Barclays' PingIt app will 'certainly' be targeted by criminals

Barclays has announced its money-sending app, PingIt, which the bank claims is as safe as any other banking transaction.

While many may be concerned about sending money via their smartphones, Barclays believes that mobile payment will “revolutionise” the way money is passed around.

The free to use PingIt app will, at first, only send money from a Barclays account – but will mean that anyone will be able to register to receive money from a sender’s smartphone.

The money is sent using Barclay’s Faster Payments service, and the bank chain says that with a five digit PIN code needed to send payments it is as safe as a regular bank transaction.  However, in order make the transactions quick, full bank details are not required.

Barclays is playing down the amount of money users can send, painting it as an opportunity to quickly send a tenner to a friend or family member.

But the possibility to send up to £300 using the service – more than many standard accounts let you withdraw as cash from the bank each day – there will be concerns about the security.

Rik Ferguson, Director of Security Research & Communication at Trend Micro believes that there is serious potential the system could come under attack from criminals.

“It will certainly be a target,” Ferguson told TechEye. “Criminals follow consumer behaviour and if consumers begin to move money around on mobile devices that will be of distinct interest for criminals, and they will try and exploit it.”

Mobile users are already fairly lax with security, Ferguson says. “There are still far too many people who are not in the habit of locking their phone with a PIN,” he continued. “Obviously there is a PIN for the app itself but if you are not using the PIN on your phone you are increasing your risk.”

There is also the real possibility that criminals could create malicious software to target PingIt.

“We are already seeing increasing number of malicious apps out there,” Ferguson says. “Replica versions of the official apps available in app stores are already common tactics – for example, Angry Birds or Cut The Rope.

“It would be quite a simple matter to make a copy of the app and have people download it, and have it look like it is acting as normal but actually stealing information and finding out what the PIN is.”

Ferguson believes that there are plenty of ways in which PingIt has the potential to be exploited: “There is the possibility of key logging, so Barclays need to look at this as well as potential vulnerabilities or flaws in the code,” he said.

Steam comes to Android and iOS

Valve, developer of the Steam gaming distribution platform, announced today it is starting a closed Beta of its Steam Mobile App and is targeting Apple’s iOS and Google’s Android.

The Steam App will extend both store and community services in the increasingly popular mobile market where the iPhone and Android have resparked interest in casual gaming and have provided developers with a more than adequate source of income. The mobile gaming market is estimated to reach $1.6 billion by 2015.

Valve has a keen eye for the gaming business, and although it hasn’t arrived first on the spot, it hopes to expand its 40 million PC user base to include a likewise number of mobile gamers.

While not all features are currently available, we hear, the Steam Mobile App will allow users to chat and buy new games for their smartphone right away. Wishlists, video previews and other Steam staples are in the works.

Steam users are invited to apply for the closed Beta by logging into their accounts and downloading the mobile app. In time they will receive the thumbs-up from Valve as the Beta expands and puts the servers to the test with increasing numbers of gamers.

No plans have been announced for Windows Phone 7, as of yet, but it would be an even easier market for Steam to roll into.